Linode API Token scopes in current login session
Is there an endpoint for scopes enabled on the current session. Without
granting the account:read_only.
Can access token scopes via the Personal Access Token View
and it requires account:read_only.
I wanted to validate that the token had correct access before proceeding.
Thanks
1 Reply
pgoebel
Linode Staff
Hello,
Looking through the endpoints in our API document, there is not a way to view the scopes of a specific token without the current token at least having account:read-only. There are a few API endpoints that are always accessible, such a Profile View and Grants List, but nothing that reveals the access level of individual tokens.
I want to point out the Grants List endpoint - this would show exactly what a given user has the ability to interact with or deploy, on a per-feature basis. This is slightly different than revealing the token-level access, but if part of your use case is validating access before taking an action, this could potentially answer a lot of those questions. This link to the API document goes directly to the section where you can see sample requests and expected output for this endpoint: https://techdocs.akamai.com/linode-api/reference/get-profile-grants
The initial explanation about Grants List in that section I linked above mentions how it could be useful when writing a third-party OAuth app, where you are granting a user access to act on your account’s behalf. This could be another potential avenue to explore in finding a solution to your projects needs. you can check out our detailed guide on that process here:
Hopefully this helps! Let us know if you have any other API questions.
Regards,
Peter G. (he/him)
Linode Support Team